365 Apps Security Vulnerabilities and Issues — 365 Apps CVE List

Lucene search

Microsoft365 Apps

13 matches found

CVE•added 2020/10/16 11:15 p.m.•253 views

CVE-2020-16947

A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with admi...

9.3CVSS7.7AI score0.54529EPSS

CVE•added 2020/10/16 11:15 p.m.•176 views

CVE-2020-16929

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ...

7.8CVSS7.9AI score0.11232EPSS

CVE•added 2020/10/16 11:15 p.m.•175 views

CVE-2020-16933

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file co...

8.8CVSS6.6AI score0.0284EPSS

CVE•added 2020/10/16 11:15 p.m.•163 views

CVE-2020-16918

A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Base3D rendering engine hand...

9.3CVSS7.8AI score0.10474EPSS

CVE•added 2020/10/16 11:15 p.m.•161 views

CVE-2020-16949

A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.Exploitation of the vulnerability requires that a spe...

7.5CVSS4.8AI score0.02845EPSS

CVE•added 2020/10/16 11:15 p.m.•155 views

CVE-2020-16954

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with adminis...

7.8CVSS7.7AI score0.10674EPSS

CVE•added 2020/10/16 11:15 p.m.•152 views

CVE-2020-16957

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing ...

9.3CVSS7.7AI score0.08062EPSS

CVE•added 2020/10/16 11:15 p.m.•149 views

CVE-2020-16930

7.8CVSS7.7AI score0.1023EPSS

CVE•added 2020/10/16 11:15 p.m.•146 views

CVE-2020-16932

7.8CVSS7.7AI score0.07314EPSS

CVE•added 2020/10/16 11:15 p.m.•144 views

CVE-2020-16931

7.8CVSS7.7AI score0.07314EPSS

CVE•added 2020/10/16 11:15 p.m.•138 views

CVE-2020-16955

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges.To exploit this vulnerability, an attacker would need to convince a user to open a speci...

7.8CVSS7.4AI score0.08331EPSS

CVE•added 2020/10/16 11:15 p.m.•82 views

CVE-2020-16928

7.8CVSS7.4AI score0.08331EPSS

CVE•added 2020/10/16 11:15 p.m.•81 views

CVE-2020-16934

7.8CVSS6.7AI score0.0284EPSS